diff options
author | Daniel Shahaf <d.s@daniel.shahaf.name> | 2020-07-02 17:40:18 +0000 |
---|---|---|
committer | Daniel Shahaf <d.s@daniel.shahaf.name> | 2020-07-05 11:11:22 +0000 |
commit | 63fde0b744130d95e463299e204ddc5c46199b08 (patch) | |
tree | d70e49853c861b2a381c590143686f93a12481dc /ChangeLog | |
parent | 4e471c3f899b485e7a4122c75da1500c2d509236 (diff) | |
download | zsh-63fde0b744130d95e463299e204ddc5c46199b08.tar.gz zsh-63fde0b744130d95e463299e204ddc5c46199b08.tar.xz zsh-63fde0b744130d95e463299e204ddc5c46199b08.zip |
46174/0001: test harness: Plug a symlink attack
The test harness created tempfiles with a predictable names and sourced them without verifying they had been created by itself. This opened anyone who ran the test suite to a symlink attacks from other local users on the build machine. Fix this by creating the file whilst NO_CLOBBER and ERR_EXIT are both in scope, to ensure that we'll abort unless the file really was created as expected. Put the existing rm(1) call in a try/always block to help it be unlinked on test failures, thus reducing the chances of the NO_CLOBBER check triggering on tempfiles created by earlier test suite runs. I had first tried to fix this by using the . () { ... } =(:) . idiom, but couldn't get that to work: it broke the %prep code of X03 with ZTST_verbose unset (its default value) but not with ZTST_verbose=3. (I tried to set the latter to debug zpty_flush.) While there, add a needed-in-principle-but-noop-in-this-specific-case (q). Indentation will be restored in the next commit.
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index fa1c74563..a40cf72d6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2020-07-05 Daniel Shahaf <d.s@daniel.shahaf.name> + + * 46174/0001: Test/comptest: test harness: Plug a symlink attack + 2020-07-03 Matthew Martin <phy1729@gmail.com> * 46168: Src/builtin.c, Test/B01cd.ztst: Update $PWD and call |